Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: stackguard-like embedded protection

From: Greg KH <greg () WIREX COM>
Date: Tue, 5 Sep 2000 21:57:27 -0700
On Tue, Sep 05, 2000 at 05:09:20PM +0200, typo () INFERNO TUSCULUM EDU wrote:


where's the need for research? i've made glibc rpms without %n the day
the first format bugs went to bugtraq, and had them installed on all of my
[linux] machines since then...


That doesn't solve much, as there are a bunch of programs out there that
actually _use_ the '%n' modifier legitimately.  Once the format bugs came
out, I did a scan of all of the source code on a RedHat box.  There are
more programs that use '%n' than I expected.  I can dig up the list if
people want.

So a "real" solution can't just ignore the C Standard.  And just
removing '%n' isn't a "real" solution.


greg k-h

--
greg@(kroah|wirex).com
Previous By Date Next
Previous By Thread Next

Current thread: